Apache MyFaces versions 2.2.13 and below, 2.3.7 and below, 2.3-next-M4 and below, and 2.1 and below suffer from a cross site request forgery vulnerability.
a8e80747410cdf24bd08eed09d1cb041
Trend Micro InterScan Web Security Virtual Appliance (IWSVA) versions below 6.5 SP2 EN Patch 4 Build 1919 suffers from bypass, command execution, cross site request forgery, cross site scripting, and server-side request forgery vulnerabilities.
0011367f30c2126b8da594f31400e629
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.
dfa15ee9d60763987a67c4ef7525645a
eIDAS-Node versions 2.3 and below suffer from an authentication bypass vulnerability.
65072a0c9c2296301838749bb045f471
OpenPGP.js versions 4.2.0 suffer from invalid curve attack, message signature bypass, and information trust vulnerabilities.
c92ec18b969566f5f60471e1704c783d
OSCI-Transport Library 1.2 for German e-Government versions 1.8.1 and below suffer from an insecure cryptographic implementation and signature bypass vulnerabilities.
7d8dfcb6bbea4a458be7237a76e44121
Kerio Control VPN Protocol versions 9.2.7 and below have an issue where the cryptographic protocol employed exhibits severe design issues.
5ae6f2e18eea71c217129418afa93006
Governikus Autent SDK versions 3.8.1 and below suffer from a signature bypass vulnerability. This vulnerability could allow an attacker to impersonate any German citizen on a vulnerable web application.
66a2046d90ce6dc8fd56bd9619e0ad54
Citrix StorageZones Controller versions prior to 5.4.2 suffer from padding oracle, improper access restriction, and path traversal vulnerabilities.
25f551df2535dadd811ace404a1ecd28
Oracle Access Manager versions 11.1.2.3.0 and 12.2.1.3.0 suffer from an authentication bypass vulnerability.
b2d1fa8ff54174534c11d0df06d323dd
SecurEnvoy SecurMail version 9.1.501 suffers from cross site request forgery, cross site scripting, insecure direct object reference, missing authentication and authorization, and path traversal vulnerabilities.
34ce6bc45859e685368a551d86ff08e2
Micro Focus VisiBroker C++ version 8.5 SP2 suffers from multiple memory corruption vulnerabilities.
49e5b10ae54b8581b0809387e9a79239
OSCI-Transport library version 1.2 for German e-Government suffers from padding oracle, signature wrapping, and XML external entity injection vulnerabilities.
852b54bfa71394caa84d2551937c6f52
Guidance Software EnCase Forensic Imager versions 7.10 and below suffer from a stack-based buffer overflow vulnerability.
187545df23898b8d46492129016e88f4
EnCase Forensic Imager versions 7.10 and below suffer from denial of service and heap-based buffer overflow vulnerabilities.
1c5bac58a0fdaf56c3881bb3ed6e6585
Micro Focus GroupWise version 2014 R2 SP1 and below suffer from buffer overflow, cross site scripting, and integer overflow vulnerabilities.
6b54a385df31372c3fbf7bd670761a24
Multiple Micro Focus Filr appliances suffer from cross site request forgery, cross site scripting, command injection, insecure design, missing cookie flag, authentication bypass, poor permission, and path traversal vulnerabilities.
a5fc9da404b4e72d05033b99d55f7fbc
WSO2 Identity Server version 5.0.0 suffers from XML external entity injection, cross site request forgery, and cross site scripting vulnerabilities.
cab780534e71ce8a0a440f53b27066ea
Kodi/XBMC versions 14 and below suffer from a cross site request forgery vulnerability.
2b1422311d81ea0e325951bcd953ad3e
NetIQ eDirectory NDS iMonitor versions 8.8 SP8 and 8.8 SP7 suffer from a cross site scripting vulnerability.
aee8af210596cb47ba67c201dc2dfff7
NetIQ Access Manager version 4.0 SP1 suffers from cross site request forgery, external entity injection, information disclosure, and cross site scripting vulnerabilities.
28770947a64f6a9552aa49662c955abe
G-Parted versions 0.14.1 and below suffer from a root privilege escalation command execution vulnerability.
28d3c773f64a591079003cff8dc0d441
ADF Faces version 12.1.2.0 suffers from a cross site scripting vulnerability.
92cfe913c70c05fd20b854dbac5bf753
Rhythm Software File Manager version 1.16.6 and Rhythm Software File Manager HD version 1.11.5 suffer from local file disclosure, privilege escalation, and unauthenticated remote command injection vulnerabilities.
f9a496de63fd6fbd9f9526c0873be934
Symantec Web Gateway versions 5.1.0.* and below suffer from cross site request forgery, cross site scripting, command injection, and remote SQL injection vulnerabilities.
eba6575ed59d8f516b66606c704e60c2